What are you trying to telnet to? the rest inline -----Original Message----- From: Tom Rogers [mailto:trogers@xxxxxxxxxxxxxxxxxx] Sent: Wednesday, June 30, 2004 4:45 PM To: Isa Weblist Subject: [isalist] RE: Newbie Needs Help http://www.ISAserver.org Steve, Thanx for the reply. I have not found an article on the website that tells me how to Telnet. Here is another question I thought of...For firewall and web proxy clients, do I just define Sites and Content rules then Protocol rules and ignore IP Packet Filters? YUP When do I use IP Packet Filters? Only when allowing something to access the Internet on the ISA server itself? YUP -Tom > -----Original Message----- > From: Steve Moffat [mailto:steve@xxxxxxxxxxxxxxxxxxxxxxxxxx] > Sent: Wednesday, June 30, 2004 3:32 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: Newbie Needs Help > > > http://www.ISAserver.org > > > There are articles for most, if not all that you require on the > isaserver.org website. > > Steve > > -----Original Message----- > From: Tom Rogers [mailto:trogers@xxxxxxxxxxxxxxxxxx] > Sent: Wednesday, June 30, 2004 4:23 PM > To: Isa Weblist > Subject: [isalist] Newbie Needs Help > > http://www.ISAserver.org > > First of all, is this list a place for newbies to get help or is it > only for seasoned pro's? > > If newbies can obtain help via this list, then here's my scenario... > > I have a simple, single domain, single subnet W2K network. I have 6 > servers total and various servers run DHCP, DNS, WINS, Exchange 2000, > Proxy Server 2.0 SP-1, IIS-5, etc. > > I am trying to implement an ISA 2000 Server. This is a brand new box. > It has two NICs, one internal and one connected to a Road Runner Cable > Modem which assigned IPs via DHCP. I have both my NICs setup properly > - following the tutorial on ISAserver.org > > I need to allow the following services to run through ISA: > > Internet User -> ISA Server -> FTP Server Internet User -> ISA Server > -> WEB Server Internet User -> ISA Server -> OWA 2000 from Internal > Exchange 2000 Server IIS-5 (Not using SSL, but requiring Windows > Authentication > > Internet User VIA VPN -> ISA Server -> Internal Network share Access > (and to use Terminal Server to access Servers) requires Windows > Authentication > > Internet User VIA pcAnywhere -> ISA Server -> Access any host running > pcAnywhere, including host on the ISA Server > > Exchange/POP3 software [an email gateway (connector) that retrieves > messages from Internet POP3 email accounts (IMAP also supported) and > delivers them to Exchange Server] software on ISA Server that goes out > to our ISPs mail server, downloads all emails into our Exchange Server > box -> ISA Server -> Internet (in order for this to work, all I need > to do is to be able to successfully TELNET to our ISP mail server on > port > 110) > > DynIP needs to work (software that automatically tracks dynamic IP > addresses assigned by our ISP, so we can act like we have a static IP) > When I make a web connection into my internal web server, i get to use > http://name.dynip.com/website instead of having to manually keep track > of the ISP assigned IP number. > > Internal User running Outlook Express -> ISA Server -> > SMTP/POP3 to Road > Runner ISP on Internet Internal User running AOL Instant Messenger -> > ISA Server -> Internet Internal User running Weatherbug - > ISA Server > -> Internet Internal User running MS IE 6.0 SP-1 -> ISA Server -> > Internet Internal User running MS Windows Media Player 9 -> ISA Server > -> Internet Internal User running RealOne Player 10 -> ISA Server -> > Internet Internal User running Listen Rhapsody 2.1 -> ISA Server -> > Internet > > Ok, I know it's alot, but that is my task. When I installed ISA > Server, I created and enabled a protocol rule so that only our > internal INTERNET USERS could access the Internet using all protocols, > at all times, the ALLOW ACCESS (Sites and Content) was already there. > This worked fine. I could access the internet with my web proxy > clients and firewall clients. I even setup the ISA server so that it > could access the Internet - worked fine. > > I next tried to setup the Exchange/Pop3 software, by trying to > Telnetting out, but it would not work. Sites and Content has the rule > ALLOW ACCESS, and I already have a Protocol rule setup to allow all > protocols, all the time. I could not Telnet. Then I setup a protocol > rule for Telnet, and created an IP Packet Filter and opened port 23 > both directions, on internal and remote. No luck. Then I tried to make > ISA server wide-open (everything flows freely) and it worked. I have > no idea how to correctly configure this with security. > > I have setup the DynIP software correctly - they had a tutorial on > their website. I tried to publish my OWA web server, but I cannot > access it from the outside world. I have not tried/tested the other > things I need to get working. > > Currently EVERYTHING works on my Proxy 2.0 Server when connected to > Road Runner cable modem. (I move the RR connection from my Proxy > Server to the ISA server when testing.) > > I have looked all over ISAserver.org, read numerous books and web > articles, but have yet to find out how to do all this. I really want > to get rid of my Proxy Server 2.0 and OWA 5.5 server (which runs on > the Proxy box). > > If anyone can help, please do so. I would GREATLY appreciate it. (ISA > Server seems more trouble than it is worth right now.) > > TIA, > > -Tom > > > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com Leading > Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org Windows > Security Resource Site: http://www.windowsecurity.com/ Network > Security > Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: > http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > steve@xxxxxxxxxxxxxxxxxxxxxxxxxx To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > This E-Mail is confidential. It is not intended to be read, copied, > disclosed or used by any person other than the recipient named above. > > > Unauthorised use, disclosure, or copying is strictly prohibited and > may be unlawful. Optimum IT Solutions disclaims any liability for any > action taken in connection of this E-Mail. The comments or statements > expressed in this E-Mail are not necessarily those of Optimum IT > Solutions or its subsidiaries or affiliates. > > administrator@xxxxxxxxxxxxxxxxxxxxxxxxxx > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com Leading > Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org Windows > Security Resource Site: http://www.windowsecurity.com/ Network > Security Library: http://www.secinf.net/ Windows 2000/NT Fax > Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > trogers@xxxxxxxxxxxxxxxxxx To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: steve@xxxxxxxxxxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist